We at Microburst Technologies, Inc. take security very seriously, but in
order to ensure that transactions are indeed secure, it is up to you to
setup uStorekeeper correctly. This reference page describes how
uStorekeeper Security works and how to configure uStorekeeper correctly
in order to ensure secure transactions.
- How uStorekeeper Security Works
- uStorekeeper Security Requirements
- Configuring uStorekeeper For Secure Transactions
- The "data" Directory On Your Secure Server
1. How uStorekeeper Security Works
In order to ensure that sensitive payment information gets securely from
the customer to the store owner, uStorekeeper implements a two step process.
Step 1 is securely getting the order information from the customer to a file
on the secure server. Step 2 is securely getting the order file from the
secure server to the store owner. This process works in correlation with
your secure server's SSL communication protocol and at no time is sensitive
payment information sent via email. This is illustrated in the figures below.
2. uStorekeeper Security Requirements
uStorekeeper itself, does not implement any encryption mechanism, but rather
relies on the standard SSL protocol that is used when communicating with a
secure server. That is, the encryption is handled external to uStorekeeper -
by your browser and your secure server. Thus, in order to make transactions
secure, you must have a secure server upon which you can install
uStorekeeper's CGI scripts
. Furthermore, because the shopping cart data
that the customer generates while shopping on your public (http) server must
also be accessable by the uStorekeeper scripts on your secure (https) server,
your public server and your secure server must physically be the same
. (This is typically the case.)
Note that if you will be using Authorize.Net to process the customer's payment
information, then the secure server requirement can be waived. This is because
the customer will be transferred to Authorize.Net's secure server when entering
the payment information. The payment information will stay on Authorize.Net's
secure server and only a transaction approved/denied indicator is sent back to
the storeowner's server.
3. Configuring uStorekeeper For Secure Transactions
See the uStorekeeper User's Guide
information about configuring the uStorekeeper CGI Scripts. Note that the
following configuration questions should refer to the URL of your secure
server (beginning with https
): Question #3 ($secure_domain),
Question #5 ($secure_runtime_script_url), Question #7 ($secure_manager_script_url),
Question #9 ($secure_affiliate_script_url), and Question #11 ($secure_image_url).
4. The "data" Directory On Your Secure Server
As described in the installation section of the
uStorekeeper User's Guide
you need to create a "data" directory on your secure server. This directory is where
the order files will be stored on your server, so the ustorekeeper.pl script must have
permission to read/write to that directory. The trick is that while the directory must
be readable/writable by the ustorekeeper CGI script, this directory must not have
permissions set so that any website visitor can view the contents of your data directory.
That is, it is very important that your data directory is not viewable by regular
For UNIX servers, the ideal permissions on this directory is 700 which indicates that
only the owner has read/write/execute permissions. However, depending on how your server
is setup, CGI scripts when executed from the web may run as 'nobody' or 'www'. In this
case, you may have to increase the permissions on the data directory to 755 or even, 777.
For NT servers, the directory needs to have read/write permissions. You may have to ask
your web hosting provider to give that directory those permissions because regular FTP
programs can't change the permissions of directories on NT servers.
In any case, the
thing to remember is that your data directory must not be
viewable by regular website visitors
. To test this out, try going to the URL of your
data directory, such as the data directory on our website:
You should get some sort of "permission denied" message. If instead you are permitted
to see a listing of your data directory, then contact your web hosting provider to get
your account setup so that your cgi-bin is not viewable by website visitors
. Your web
hosting provider should know how to do this.